I've been wrestling with a new cyrus murder setup. At this point, edits
made to a backend server are properly propigated through the master and
frontends.
Now, i'm trying to test administration through the frontend servers.
For example, when i connect to a frontend server and issue a `CREATE
user.testuser imap-backend` the frontend logs show the following:
------------
May 18 10:00:28 imap-frontend imap[24327]: accepted connection
May 18 10:00:28 imap-frontend imap[24327]: mystore: starting txn 2147483656
May 18 10:00:28 imap-frontend imap[24327]: mystore: committing txn
2147483656
May 18 10:00:28 imap-frontend imap[24327]: starttls: TLSv1 with cipher
AES256-SHA (256/256 bits new) no authentication
May 18 10:00:28 imap-frontend imap[24327]: login: <client>
[128.113.124.76] <cyrusadmin> PLAIN+TLS User logged in
May 18 10:00:28 imap-frontend imap[24327]: Doing a peer verify
May 18 10:00:28 imap-frontend imap[24327]: Doing a peer verify
May 18 10:00:28 imap-frontend imap[24327]: received server certificate
May 18 10:00:28 imap-frontend imap[24327]: starttls: TLSv1 with cipher
AES256-SHA (256/256 bits new) no authentication
May 18 10:00:28 imap-frontend imap[24327]: couldn't authenticate to
backend server: no mechanism available
May 18 10:00:28 imap-frontend imap[24327]: PROTERR: end of file reached
----------
and the backend:
----------
May 18 10:00:28 imap-backend imap[5517]: accepted connection
May 18 10:00:28 imap-backend imap[5517]: mystore: starting txn 2147483674
May 18 10:00:28 imap-backend imap[5517]: mystore: committing txn 2147483674
May 18 10:00:28 imap-backend imap[5517]: starttls: TLSv1 with cipher
AES256-SHA (256/256 bits new) no authentication
-----------
Network dumps show that its using TLS, but i can't tell what the traffic
looks like after TLS starts. I've manually logged in with LOGIN to
verify that the <cyrusproxy>,<proxypasswd> combo is valid on the backend
server
Here are the pertainant pieces of my frontend imapd.conf...
-----------
configdirectory: /var/lib/imap
partition-default: /tmp
admins: <cyrusadmin>
proxy_authname: <cyrusproxy>
imap-backend_passwd: <proxypass>
postuser: sharedfolders
allowplaintext: 1
sasl_pwcheck_method: saslauthd
sasl_mech_list: PLAIN LOGIN GSSAPI
sasl_minimum_layer: 0
tls_key_file: /etc/ssl/cert.key
tls_cert_file: /etc/ssl/cert.cert
tls_ca_file: /etc/ssl/CA.cert
# Murder
mupdate_username: <cyrusproxy>
mupdate_authname: <cyrusproxy>
mupdate_password: <proxypass>
mupdate_server: <imap-master.domain.tld>
---------
And the relivant parts of the backend config:
---------
admins: <cyrusadmin> <cyrusbackend>
postuser: sharedfolders
allowplaintext: 1
sasl_pwcheck_method: saslauthd
sasl_mech_list: PLAIN LOGIN GSSAPI
sasl_minimum_layer: 0
# SSL
tls_key_file: /etc/ssl/cert.key
tls_cert_file: /etc/ssl/cert.cert
tls_ca_file: /etc/ssl/CA.cert
# Murder
mupdate_username: <cyrusbackend>
mupdate_authname: <cyrusbackend>
mupdate_password: <backendpasswd>
mupdate_server: <imap-master.domain.tld>
proxyservers: <cyrusbackend> <cyrusproxy>
allowusermoves: 1
---------
If anyone has suggestions it would be very much appreciated.
Thanks.
--
Brenden Conte
System Programmer, C&MT.CIO
Rensselaer Polytechnic Institute
(518)276-4264
----
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
